Skip to content

API

Introduction

Contour API's are a set of interfaces developed by Contour to allow direct communication with Contour Services.

API Specifications

For API specification documents, please contact our support team by raising a support ticket for assistance.

Raise Support Ticket

What has changed from 8.0

  • There is no structural changes in API. Changes are only in SWIFT related validations in field size. Click here to view those changes.

API Usage Guide

Constructing Endpoints

Endpoints can be found in the API documentation above.

To make API requests, append the endpoint from the documentation to the hostname of the server running the Contour Application.

i.e. https://<SERVER_NAME>/login

Authentication

Most APIs require authentication, the API authenticates using sessions and cookies.

Therefore, API consumers must first login via the Login Endpoint.

Subsequent requests to the APIs should include the cookies in the header.

Also, for all non-GET method requests (e.g. PUT, POST, DELETE), a CSRF token is needed.

Authentication Example

Login Request

Login with an email address and password:

curl --location --request POST 'https://<SERVER_NAME>/login' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "<EMAILADDRESS>",
    "password": "<PASSWORD>"
}'

Response Headers for Valid Login:

X-CSRF-TOKEN 7579be26-d7d6-48f2-b429-0811876e9cca
Set-Cookie SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax

Headers for Subsequent Authenticated GET Requests

cookie SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax

Headers for Subsequent Authenticated POST Requests

X-CSRF-TOKEN 7579be26-d7d6-48f2-b429-0811876e9cca
cookie SESSION=YjA2Yjc5N2ItN2MwZi00MmVlLWIwNTItMzc5YWMyMTNmNmZk; Path=/; HttpOnly; SameSite=Lax